Currently, I have this design:
The DC and the Corporate Office have a dedicated Optiman circuit, and they are also connected via MPLS. Both locations also have an Internet connection with ASA firewalls.
HQ and DC are also connected to one small branch via MPLS. This location also has Internet with an ASA firewall.
I am not running any routing protocols and currently relying on static routes. It is getting very difficult to manage because we are growing fast.
I would like to introduce OSPF internally and BGP to MPLS so we can redistribute OSPF into BGP for end-to-end reachability.
I need some advice (best practice).
Obviously, between HQ and DC we would prefer Optiman as the first-choice path, followed by MPLS/BGP, followed by Internet IPsec site-to-site.
For the small branch, the first preference will be MPLS/BGP, followed by Internet site-to-site VPN.
From what I know, I will have to call our ISP and ask them to provide an internal AS for us to enable BGP on all our MPLS routers at our three locations.
I am looking for best practices and configuration guidelines, such as how to set up BGP, redistribute OSPF into BGP and configure path preferences. For example, for site-to-site VPN, how to configure BGP as a secondary path, etc.
Any help will be appreciated.
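
Added example, not part of the original post: a small Python model of how a router chooses among the three HQ-to-DC paths described above, using the Cisco IOS default administrative distances (OSPF 110, eBGP 20). The prefix 10.20.0.0/16, the floating-static distance of 250 and the raised eBGP distance of 120 are constructed values, and the model assumes each route is withdrawn when its link fails.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str   # destination prefix as installed in the routing table
    link: str     # transport: "optiman", "mpls" or "ipsec"
    source: str   # "ospf", "ebgp" or "static"
    ad: int       # administrative distance, lower wins

def select(dest, routes, links_up):
    """Longest prefix match first, then lowest administrative distance."""
    ip = ipaddress.ip_address(dest)
    usable = [r for r in routes
              if r.link in links_up and ip in ipaddress.ip_network(r.prefix)]
    if not usable:
        return None
    return min(usable,
               key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen, r.ad))

def failover_order(dest, routes):
    """Links used in turn as each currently preferred link fails."""
    up, order = {r.link for r in routes}, []
    while (best := select(dest, routes, up)) is not None:
        order.append(best.link)
        up.discard(best.link)
    return order

def hq_routes(ebgp_ad=20, dc_prefix="10.20.0.0/16"):
    """HQ's candidate routes to the DC; the prefix is a constructed sample."""
    return [
        Route(dc_prefix, "optiman", "ospf", 110),   # IOS default OSPF distance
        Route(dc_prefix, "mpls", "ebgp", ebgp_ad),  # IOS default eBGP distance is 20
        Route(dc_prefix, "ipsec", "static", 250),   # floating static, constructed AD
    ]

if __name__ == "__main__":
    # With defaults, eBGP (20) beats OSPF (110), so MPLS wins over Optiman.
    print(failover_order("10.20.1.5", hq_routes()))
    # Raising the eBGP distance above OSPF's (one option, e.g. IOS `distance bgp`)
    # gives the order the post asks for.
    print(failover_order("10.20.1.5", hq_routes(ebgp_ad=120)))
```

Because longest match is evaluated before administrative distance, a more specific prefix learned over MPLS would still win over an OSPF summary, so the same prefix lengths need to be advertised on every path for the preference order to hold.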